CVE-2007-5646 – Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2007-5646
SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php. Vulnerabilidad de inyección SQL en Sources/Search.php en Simple Machines Forum (SMF) 1.1.3, cuando MySQL 5 se está utilizando, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro userspec en un una acción search2 en index.php. • https://www.exploit-db.com/exploits/4547 http://secunia.com/advisories/27346 http://securityreason.com/securityalert/3284 http://www.securityfocus.com/archive/1/482569/100/0/threaded http://www.securityfocus.com/bid/26144 http://www.simplemachines.org/community/index.php?topic=196380.0 http://www.vupen.com/english/advisories/2007/3568 https://exchange.xforce.ibmcloud.com/vulnerabilities/37342 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2007-3942
https://notcve.org/view.php?id=CVE-2007-3942
Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.1.3 allows remote attackers to include local files via unspecified vectors related to the sourcedir parameter or the actionArray hash. NOTE: CVE and multiple third parties dispute this vulnerability because both sourcedir and actionArray are defined before use ** IMPUGNADO ** Vulnerabilidad de salto de directorio en index.php de Simple Machines Forum (SMF) 1.1.3 permite a atacantes remotos incluir ficheros locales mediante vectores no especificados relativos al parámetro sourcedir o la tabla hash actionArray. NOTA: CVE y múltiples terceras partes impugnan esta vulnerabilidad porque ambos sourcedir y actionArray se definen antes de ser usados. • http://www.securityfocus.com/archive/1/473866/100/0/threaded http://www.securityfocus.com/archive/1/473991/100/0/threaded http://www.securityfocus.com/archive/1/480572/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/35451 •
CVE-2007-3309
https://notcve.org/view.php?id=CVE-2007-3309
Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.2 allows remote attackers to execute arbitrary PHP code during (1) creation or (2) editing of a message. Vulnerabilidad no especificada en Simple Machines Forum (SMF) 1.1.2 permite a atacantes remotos ejecutar código PHP de su elección durante la (1) creación o (2) edición de un mensaje. • http://osvdb.org/40433 http://securitytracker.com/id?1018260 http://securityvulns.ru/Rdocument271.html http://www.securityfocus.com/archive/1/471641/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/34908 •
CVE-2007-3308
https://notcve.org/view.php?id=CVE-2007-3308
Simple Machines Forum (SMF) 1.1.2 uses a concatenation method with insufficient randomization when creating a WAV file CAPTCHA, which allows remote attackers to pass the CAPTCHA test via an automated brute-force attack. Simple Machines Forum (SMF) 1.1.2 utiliza un método de concatenación con aleatoriedad insuficiente al crear el CAPTCHA de un fichero WAV, lo cual permite a atacantes remotos evitar el test del CAPTCHA mediante un ataque automatizado por fuerza bruta. • http://osvdb.org/40617 http://securitytracker.com/id?1018260 http://securityvulns.ru/Rdocument271.html http://www.securityfocus.com/archive/1/471641/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/34907 •
CVE-2007-2546
https://notcve.org/view.php?id=CVE-2007-2546
Session fixation vulnerability in Simple Machines Forum (SMF) 1.1.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. Vulnerabilidad de fijación de sesión en Simple Machines Forum (SMF) 1.1.2 y versiones anteriores permite a atacantes remotos secuestrar sesiones web estableciendo el parámetro PHPSESSID. • http://osvdb.org/35705 http://secunia.com/advisories/25139 http://securityreason.com/securityalert/2676 http://www.majorsecurity.de/index_2.php?major_rls=major_rls47 http://www.securityfocus.com/archive/1/467748/100/0/threaded http://www.securityfocus.com/archive/1/471414/100/0/threaded http://www.securityfocus.com/bid/24482 • CWE-287: Improper Authentication •